Jensgeorg

**Name of the Vulnerable Software and Affected Versions** GUPnP versions prior to 1.0.7 GUPnP versions 1.1.x GUPnP versions 1.2.x through 1.2.4 **Description** The issue allows DNS rebinding, which can be exploited by a remote web server to trick a victim's browser into triggering actions against local UPnP services. This could potentially be used for data exfiltration or data tampering, depending on the affected service. **Recommendations** For GUPnP versions prior to 1.0.7, update to version 1.0.7 or later. For GUPnP versions 1.1.x, update to version 1.2.5 or later. For GUPnP versions 1.2.x through 1.2.4, update to version 1.2.5 or later.